gpu-services/hub-api/routers/auth.py
Hyungi Ahn 3794afff95 feat: AI Gateway Phase 1 - FastAPI 코어 구현
GPU 서버 중앙 AI 라우팅 서비스 초기 구현:
- OpenAI 호환 API (/v1/chat/completions, /v1/models, /v1/embeddings)
- 모델 레지스트리 + 백엔드 헬스체크 (30초 루프)
- Ollama SSE 프록시 (NDJSON → OpenAI SSE 변환)
- JWT 인증 이중 경로 (httpOnly 쿠키 + Bearer 토큰)
- owner/guest 역할 분리, 로그인 rate limiting
- 백엔드별 rate limiting (NanoClaude 대비)
- SQLite 스키마 사전 정의 (aiosqlite + WAL)
- Docker Compose + Caddy 리버스 프록시

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-31 13:41:46 +09:00


from fastapi import APIRouter, Request, Response
from pydantic import BaseModel
from config import settings
from middleware.auth import (
check_login_rate_limit,
create_token,
record_login_attempt,
)
# All routes declared in this module are mounted under the /auth prefix.
router = APIRouter(
    prefix="/auth",
    tags=["auth"],
)
class LoginRequest(BaseModel):
    """Body of ``POST /auth/login``: one shared password and no username."""

    # Compared against settings.owner_password / settings.guest_password in login().
    password: str
class LoginResponse(BaseModel):
    """Body returned by a successful login."""

    # "owner" or "guest", as decided by login().
    role: str
    # The value produced by create_token(role); login() also sets it as a cookie.
    token: str
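def _password_matches(candidate: str, expected) -> bool:
    """Return True when *candidate* equals the configured password *expected*.

    The comparison runs on UTF-8 bytes through ``hmac.compare_digest`` so its
    duration does not depend on how many leading characters match, and so
    non-ASCII passwords work (``compare_digest`` rejects non-ASCII ``str``).
    A configured value that is not a non-empty string is treated as disabled
    and never matches, so a blank submission cannot log in against an unset
    password.
    """
    import hmac

    if not isinstance(expected, str) or not expected:
        return False
    return hmac.compare_digest(candidate.encode("utf-8"), expected.encode("utf-8"))


@router.post("/login")
async def login(body: LoginRequest, request: Request, response: Response):
    """Exchange a shared password for a role-scoped token.

    Args:
        body: Request body carrying the submitted password.
        request: Incoming request; only the client address is read from it.
        response: Response object the ``token`` cookie is attached to.

    Returns:
        ``LoginResponse`` with the granted role and the token on success, or
        a JSON error with status 429 (rate limit hit) or 401 (wrong password).
    """
    # NOTE(review): if this app is served behind a reverse proxy,
    # request.client.host is the proxy's address unless the ASGI server is set
    # up to trust forwarded headers; every client would then share one
    # rate-limit bucket. Confirm against the deployment.
    ip = request.client.host if request.client else "unknown"
    if not check_login_rate_limit(ip):
        return _error_response(429, "Too many login attempts. Try again in 1 minute.")
    # Recorded before the password is checked, so failed guesses use up the
    # budget (successful logins are counted too).
    record_login_attempt(ip)

    # Both comparisons always run so the response time does not show which
    # of the two passwords was being checked.
    is_owner = _password_matches(body.password, settings.owner_password)
    is_guest = _password_matches(body.password, settings.guest_password)
    if is_owner:
        role = "owner"
    elif is_guest:
        role = "guest"
    else:
        return _error_response(401, "Invalid password")

    token = create_token(role)
    # httpOnly cookie for the web UI: page scripts cannot read it. The same
    # token is also returned in the JSON body below, where scripts can.
    # NOTE(review): secure=True is not set, so a browser will also send this
    # cookie over plain HTTP; enable it once the service is HTTPS-only.
    response.set_cookie(
        key="token",
        value=token,
        httponly=True,
        samesite="lax",
        max_age=settings.jwt_expire_hours * 3600,
    )
    return LoginResponse(role=role, token=token)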
@router.get("/me")
async def me(request: Request):
    """Report the role attached to the current request.

    Reads ``request.state.role`` and falls back to "anonymous" when it is
    absent. This handler never sets that attribute; presumably the auth
    middleware does (confirm against middleware.auth).

    Returns:
        ``{"role": <role>}`` for an authenticated caller, otherwise a 401
        JSON error.
    """
    current_role = getattr(request.state, "role", "anonymous")
    if current_role != "anonymous":
        return {"role": current_role}
    return _error_response(401, "Not authenticated")
@router.post("/logout")
async def logout(response: Response):
    """Ask the client to drop the ``token`` cookie.

    Only the cookie is cleared; nothing in this handler invalidates the token.
    NOTE(review): no server-side revocation is visible here, so a copy of the
    token kept by the client presumably stays usable until it expires.
    Confirm against middleware.auth.
    """
    response.delete_cookie(key="token")
    return dict(ok=True)
def _error_response(status_code: int, message: str):
    """Build the JSON error reply shared by the auth routes.

    Args:
        status_code: HTTP status to send; also embedded in the error code as
            ``auth_<status_code>``.
        message: Human-readable text placed in ``error.message``.

    Returns:
        A ``JSONResponse`` whose body is ``{"error": {message, type, code}}``
        with ``type`` fixed to "auth_error".
    """
    from fastapi.responses import JSONResponse

    error_body = {
        "message": message,
        "type": "auth_error",
        "code": f"auth_{status_code}",
    }
    return JSONResponse(content={"error": error_body}, status_code=status_code)